{"draft":"draft-housley-cms-content-constraints-extn-06","doc_id":"RFC6010","title":"Cryptographic Message Syntax (CMS) Content Constraints Extension","authors":["R. Housley","S. Ashmore","C. Wallace"],"format":["ASCII","HTML"],"page_count":"38","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"IETF - NON WORKING GROUP","abstract":"This document specifies the syntax and semantics for the\r\nCryptographic Message Syntax (CMS) content constraints extension.\r\nThis extension is used to determine whether a public key is\r\nappropriate to use in the processing of a protected content.  In\r\nparticular, the CMS content constraints extension is one part of the\r\nauthorization decision; it is used when validating a digital\r\nsignature on a CMS SignedData content or validating a message\r\nauthentication code (MAC) on a CMS AuthenticatedData content or CMS\r\nAuthEnvelopedData content.  The signed or authenticated content type\r\nis identified by an ASN.1 object identifier, and this extension\r\nindicates the content types that the public key is authorized to\r\nvalidate.  If the authorization check is successful, the CMS content\r\nconstraints extension also provides default values for absent\r\nattributes.  [STANDARDS-TRACK]","pub_date":"September 2010","keywords":["[--------]","authorization","PKI","certificate","trust anchor","TAMP",""],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC6010","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc6010"}